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authentication process can be carried out. In a case where the SIM is the SIM of a 
subscriber to a particular cellular telecommunications network, the authentication process 
can be carried out by that network. 

It should be noted that the authentication process being described does not necessarily 
authenticate the human identity of the user. For example, cellular telecommunication 
networks have pre-pay subscribers who are issued with SIMs in return for pre-payment 
enabling them to make calls on the network. However, the identity of such pre-pay 
subscribers is not known (or not necessarily known) by the networks. Nevertheless, such 
a user cannot make use of the network until the network has authenticated that user's SIM 
- that is, has confirmed that such user is a particular user who has a particular pre-paid 
account with the network. The SIMs of such pre-paid users or subscribers could equally 
well be used (in the manner described) in or in association with data processing apparatus 
or computers, for the purposes of authenticating that user. 

The SIM need not take the form of a physical (and removable) smart card but instead can 
be simulated by being embedded in the data processing apparatus or computer in the form 
of software or represented as a chip for example. 

It may be desirable to be able to change the authentication information on the SIM (or 
simulated SIM) to take account of changed circumstances. For example, the SIM maybe 
a SIM registered with a particular cellular telecommunications network - a network 
applicable to the country or region where the data processing apparatus or computer is to 
be used. However, circumstances may arise (for example, the apparatus or the computer 
is physically moved to a different country or region) in which it is desirable or necessary 
to re-register the SIM with a different cellular telecommunications network. Ways in 
which this can be done are disclosed in our co-pending United Kingdom patent 
applications Nos. 01 18406.8, 0122712.3 and 0130790.9 and in our corresponding PCT 
applications Nos. GB02/003265, GB02/003260 and GB02/003252. As described therein 
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CLAIMS 



1 . A method for authenticating a transaction with data processing apparatus in which 
the data processing apparatus has operatively associated with it authentication storage 
means for storing predetermined authentication information, and including the step of 
carrying out an authentication process via a communications link for authenticating the 
transaction, the authentication process involving the use of the predetermined 
authentication information. 

2. A method according to claim 1 , in which the transaction is a transaction involving 
use of the data processing functions of the data processing apparatus. 

3. A method according to claim 1 or 2, in which there is a plurality of the 
authentication storage means. 

4. A method according to claim 3 , in which the step of carrying out the authentication 
process is at least partly carried out by authentication means which is common to all the 
authentication storage means of the said plurality thereof. 

5. A method according to claim 3 or 4, in which each authentication storage means is 
associated with a specific data processing apparatus. 
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6 A method according to claim 1 or 2, in which there is a plurality of the 
authentication storage means each respective to a particular one of a plurality of specified 
users of the data processing apparatus, and in which the authentication process involving 
the use of the predetermined information from a particular one of the authentication 
storage means authenticates a transaction by the one of the specified users which is 
respective to that authentication storage means. 

7. A method according to claim 6, in which the step of carrying out the authentication 
process is at least partly carried out by authentication means which is common to all the 
users. 

8. A method according to claim 7, in which the authentication means which is 
common to all the users is authentication means which is part of a system with which all 
the authentication storage means are registered. 



9. A method according to claim 8, in which the system is a telecommunications 
network and in which the predetermined information stored by the authentication storage 
means for each user corresponds to information used to authenticate that user in relation 
to the telecommunications network. 



10. A method according to claim 8 or 9, in which each user is authenticated in the 
system by means of the use of a smart card or subscriber identity module (e.g. SIM), and 
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in which the authentication storage means respective to that user corresponds to or 



simulates the smart card for that user. 



11. A method according to any one of claims 8 to 1 0, including the step of registering 



12. A method according to any preceding claim, in which the authentication storage 
means is associated with the data processing apparatus by being associated with data or 
software for use by that data processing apparatus. 

13. A method according to claim 12, in which the authentication storage means is 



14. A method according to any preceding claim, in which the authentication process 
involves the sending of a message and the generation of a response dependent on the 
message and the predetermined information., 

15. A method according to any preceding claim, including the step of levying a charge 
for the transaction when authenticated. 



one or more of the authentication storage means with a different system. 



incorporated on a data carrier for the data or software. 



16. A method according to any one of claims 8 to 1 1 , including the step of levying a 
charge for the transaction when authenticated, the step of levying the charge being carried 
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out by the said system. 

17. A method according to any preceding claim, in which the data processing 
apparatus is a personal computer. 

18. Data processing apparatus in combination with authentication storage means 
storing predetermined information relating to the authentication of a transaction with the 
dataprocessing apparatus, the authentication storage means when operatively associated 
with the data processing apparatus being responsive to an authentication process carried 
out via a communications link for authenticating the transaction, the authentication 
process involving the use of the predetermined information. 

19. Apparatus according to claim 1 8, in which the transaction is a transaction involving 
use of the data processing functions of the data processing apparatus. 

20. Apparatus according to claim 1 8 or 1 9, in which the authentication storage means 
is specific to the data processing apparatus. 

21. Apparatus according to claim 18 or 19, in which there is a plurality of the 
authentication storage means each for storing predetermined authentication information 
respective to any one of a plurality of specified users and each relating to the 
authentication of a transaction with the data processing apparatus by the respective one of 




the specified users. 



22. Apparatus according to claim 21, including remote authentication means for at 
least partly carrying out the authentication process and which is part of a system with 
which all the users are registered. 

23. Apparatus according to claim 22, in which the system is a telecommunications 
network and in which the predetermined authentication information respective to each 
user corresponds to information used to authenticate that user within the 
telecommunications network. 

24. Apparatus according to claim 22, in which each user is authenticated in the system 
by means of the use of a subscriber identity module (SIM) in the form of a smart card, and 
in which the authentication storage means respective to that user corresponds to or 
simulates the subscriber identity module for that user. 

25. Apparatus according to any one of claims 18 to 24, in which the authentication 
process involves the sending of a message and the generation of a response dependent on 
the message and the predetermined information. 

26. A data carrier carrying data for use in and by data processing apparatus, the data 
carrier also incorporating authentication storage means storing predetermined 
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authentication information responsive to an input message for deriving a response 
dependent on the input message and on the authentication information for use in a 
remotely operative authentication process for authenticating a transaction involving use of 
the data carried by the data carrier. 



27. A data carrier according to claim 26, in which the data carried by the data carrier 
includes software. 

28. A data carrier according to claim 26 or 27, in which the authentication storage 
means is one of a plurality of such authentication storage means which are registered with 
a common system, including authentication means for carrying out the authentication 
process. 

29. A data carrier according to claim 28, in which the common system is a 
telecommunications network. 

30. A data carrier according to claim 29, in which the telecommunications network has 
a plurality of users registered therewith which are authenticated therein by means of the 
use of respective subscriber identity modules (SIMs) in the form of smart cards, and in 
which the authentication storage means corresponds to or simulates such a subscriber 
identity module. 




JV JL 52 



2004/036513 ^^T/GB2003/004390 



A method according to any one of claims 1 to 17, wherein the 
authentication storage means communicates wirelessly to 
authenticate the transaction. 



32. A method according to claim 10, wherein the smart card or SIM 
authenticates the transaction when the smart card or SIM is operable 
in a mobile terminal. 

33. A method according to claim 10, wherein the smart card or SIM is 
further operable to authenticate a mobile terminal for use in the 
system. 

34. A method according to any one of claims 1 to 17, wherein the 
authentication storage means is provided with a carrier coupleable to 
the data processing apparatus. 

35. Apparatus according to any one of claims 18 to 29, wherein the 
authentication storage means communicates wirelessly to 
authenticate the transaction. 

36. Apparatus according to claim 24, wherein the smart card or SIM 
authenticates the transaction when the smart card or SIM is operable 
in a mobile terminal. 

37. Apparatus according to claim 24, wherein the smart card or SIM is 
further operable to authenticate a mobile terminal for use in the 
system. 
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38- Apparatus according to any one of claims 18 to 29, wherein the 
authentication storage means is provided with a carrier coupleable to 
the data processing apparatus. 



